From 00ff400464fca420e0cc7e7ce402d9e9bd3ea8ec Mon Sep 17 00:00:00 2001
From: Byron Jones <bjones@mozilla.com>
Date: Thu, 28 Mar 2013 14:16:58 +0800
Subject: Bug 850639: Set an upper limit on the number of nodes the dependency
 graph will display r=LpSolit, a=LpSolit

---
 Bugzilla/Constants.pm                           |  4 ++++
 showdependencygraph.cgi                         | 12 +++++++++---
 template/en/default/global/user-error.html.tmpl |  5 +++++
 3 files changed, 18 insertions(+), 3 deletions(-)

diff --git a/Bugzilla/Constants.pm b/Bugzilla/Constants.pm
index 212816a05..765dacd99 100644
--- a/Bugzilla/Constants.pm
+++ b/Bugzilla/Constants.pm
@@ -167,6 +167,7 @@ use Memoize;
     MAX_POSSIBLE_DUPLICATES
     MAX_ATTACH_FILENAME_LENGTH
     MAX_QUIP_LENGTH
+    MAX_WEBDOT_BUGS
 
     PASSWORD_DIGEST_ALGORITHM
     PASSWORD_SALT_LENGTH
@@ -570,6 +571,9 @@ use constant MAX_ATTACH_FILENAME_LENGTH => 255;
 # Maximum length of a quip.
 use constant MAX_QUIP_LENGTH => 512;
 
+# Maximum number of bugs to display in a dependency graph
+use constant MAX_WEBDOT_BUGS => 2000;
+
 # This is the name of the algorithm used to hash passwords before storing
 # them in the database. This can be any string that is valid to pass to
 # Perl's "Digest" module. Note that if you change this, it won't take
diff --git a/showdependencygraph.cgi b/showdependencygraph.cgi
index 2f10551a1..838402a8e 100755
--- a/showdependencygraph.cgi
+++ b/showdependencygraph.cgi
@@ -29,7 +29,7 @@ my $vars = {};
 # performance.
 my $dbh = Bugzilla->switch_to_shadow_db();
 
-local our (%seen, %edgesdone, %bugtitles);
+our (%seen, %edgesdone, %bugtitles, $bug_count);
 
 # CreateImagemap: This sub grabs a local filename as a parameter, reads the 
 # dot-generated image map datafile residing in that file and turns it into
@@ -76,6 +76,7 @@ sub AddLink {
     if (!exists $edgesdone{$key}) {
         $edgesdone{$key} = 1;
         print $fh "$dependson -> $blocked\n";
+        $bug_count++;
         $seen{$blocked} = 1;
         $seen{$dependson} = 1;
     }
@@ -108,10 +109,10 @@ chmod Bugzilla::Install::Filesystem::CGI_WRITE, $filename
 my $urlbase = Bugzilla->params->{'urlbase'};
 
 print $fh "digraph G {";
-print $fh qq{
+print $fh qq(
 graph [URL="${urlbase}query.cgi", rankdir=$rankdir]
 node [URL="${urlbase}show_bug.cgi?id=\\N", style=filled, color=lightgrey]
-};
+);
 
 my %baselist;
 
@@ -224,6 +225,11 @@ foreach my $k (@bug_ids) {
 print $fh "}\n";
 close $fh;
 
+if ($bug_count > MAX_WEBDOT_BUGS) {
+    unlink($filename);
+    ThrowUserError("webdot_too_large");
+}
+
 my $webdotbase = Bugzilla->params->{'webdotbase'};
 
 if ($webdotbase =~ /^https?:/) {
diff --git a/template/en/default/global/user-error.html.tmpl b/template/en/default/global/user-error.html.tmpl
index 6d03eaa4b..58d347376 100644
--- a/template/en/default/global/user-error.html.tmpl
+++ b/template/en/default/global/user-error.html.tmpl
@@ -1798,6 +1798,11 @@
     Sorry, but you are not allowed to (un)mark comments or attachments
     as private.
 
+  [% ELSIF error == "webdot_too_large" %]
+    [% title = "Dependency Graph Too Large" %]
+    The dependency graph contains too many [% terms.bugs %] to display (more
+    than [% constants.MAX_WEBDOT_BUGS FILTER html %] [%+ terms.bugs %]).
+
   [% ELSIF error == "wrong_token_for_cancelling_email_change" %]
     [% title = "Wrong Token" %]
     That token cannot be used to cancel an email address change.
-- 
cgit v1.2.3-24-g4f1b